CVE-2023-39920

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 13, 2024
CWE ID 862

Summary

CVE-2023-39920 is a new vulnerability affecting Themeisle Redirection for Contact Form 7. This missing authorization issue enables unauthorized access, allowing attackers to exploit incorrectly configured security levels. The affected version range is from n/a to 2.9.2. Successful exploitation could result in significant data loss or unauthorized access to contact form submissions. Users are strongly advised to update their plugins to the latest version or implement alternative security measures to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share